ipfw
Results 1 to 6 of 6

Thread: ipfw

  1. #1
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953

    ipfw

    Hey AO!

    Iím trying to set up a secure firewall for my FreeBSD boxÖ Iím using ipfw and was wondering what rules you guys/gals fancy on your boxes.

    Any tutorial links would be helpful ;-)

    Here are some links that Iíve found so far: http://www.google.com/search?hl=en&i...=Google+Search
    yeah, I\'m gonna need that by friday...

  2. #2
    Senior Member
    Join Date
    Aug 2002
    Posts
    508
    hi... I know you ask for ipfw...but I just wanna give you cool option, try NETBOZ if you like to give it try. It's cool firewall .
    Main Features
    Web administration interface
    Does not use a hard disk
    Works with 2 or 3 network interfaces
    NAT for publishing LAN or DMZ services
    DNS server
    DHCP server
    DHCP client on WAN interface
    PPPoE support (new!)
    Real time traffic monitoring
    Unlimited users
    It's free !
    I've got the link http://www.netboz.net/

    I hope this helps
    Not an image or image does not exist!
    Not an image or image does not exist!

  3. #3
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    Hey All,

    -Just wondering about ipfw and other packet filtering...

    -Is it possible to add Time as a variable in the exclusion of packets...
    -Example: Iíd like to cut-off non-critical services during non-working hours, but still give access to my daemons, etc...

    -Is this possible? Thanks!
    yeah, I\'m gonna need that by friday...

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,884
    IPFW is that ganular. The only way I can see around it is to write a cron job that will start and stop services.

    Hope this helps!
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #5
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    Not the most elegant way of doing it, but when I was using IPFWadm I used a few different firewall scripts, and included the Ďat' command within the scripts to bring up the next script when it was time. It worked OK but was a bear to get the scripts in sync. ( like "at 1:00 AM SAT -f /etc/masq1 " )
    thehorse13 is right, Cron would be probably be a better way of doing it.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes

  6. #6
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    Thanks alot y'all!
    Your answers are most informative...
    If success { i'll post results; }
    yeah, I\'m gonna need that by friday...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •